I would like to host a static website at amazon S3, but I need to restrict access to it to certain users. This maybe by ip address or by amazon credentials (only logged in users can access the bucket's content.

In order to restrict access to certain IPs, you may create additional bucket policy.

Restricting Access to Specific IP Addresses

This statement grants permissions to any user to perform any S3 action
on objects in the specified bucket. However, the request must
originate from the range of IP addresses specified in the condition.
The condition in this statement identifies 192.168.143.* range of
allowed IP addresses with one exception, 192.168.143.188.